/*
 * ConfirmLogout
 * 
 * Version information
 * 
 * Feb 17, 2006
 * 
 * Copyright (c) AmSoft Systems, 2006
 */
package net.amsoft.iservice.isso.webapp.struts.action;

import java.util.HashMap;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.amsoft.iservice.isso.webapp.dataObject.LoginData;
import net.amsoft.iservice.isso.webapp.dataObject.SPData;
import net.amsoft.iservice.isso.client.ISSOClient;
import net.amsoft.iservice.isso.client.SAMLDataObject;
import net.amsoft.iservice.isso.util.ISSOConstants;
import net.amsoft.iservice.isso.util.SAMLProcessor;
import net.amsoft.iservice.util.MetaData;
import net.amsoft.iservice.util.ResolverClient;

import org.apache.log4j.Logger;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;

/**
 * This action will receive SAML Logout Request from different SPs. If a <BR>
 * session exist for the referenced principal, this will show the <BR>
 * confirmation screen with options Confirm Logout and Cancel Logout <BR>
 * otherwise an error message
 * 
 * @author rahul
 * 
 */
public class ConfirmLogout extends BaseAction {
	private static final Logger oLogger = Logger.getLogger(ConfirmLogout.class);
    public ActionForward process(ActionMapping oMapping, ActionForm oForm,
            HttpServletRequest oRequest, HttpServletResponse oResponse)
            throws Exception {
        oLogger.info("process() : entry");
    	// get the session objects
        LoginData oLoginData = (LoginData) oRequest.getSession(false)
                .getAttribute(ISSOConstants.SESSION_LOGIN_OBJ);

        ActionMessages oMessages = new ActionErrors();
        SAMLDataObject oLogoutRequestData = SAMLProcessor
                .deserializeLogoutRequest(oRequest
                        .getParameter(ISSOClient.PARAM_SAML_REQUEST));

        String sReceivedSessionIndex = oLogoutRequestData.getSessionIndex();
        oLogger.debug("process() : SessionIndex="+ sReceivedSessionIndex);
        
        if (oLogoutRequestData == null) {
        	oLogger.warn("process() : LogoutRequest=null, Returning=Message Fwd");
            oMessages.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
                    ISSOConstants.ERR_INVALID_REQUEST));
            saveMessages(oRequest, oMessages);
            return oMapping.findForward(ISSOConstants.MESSAGE_FWD);
        }
        // Check if already SSO logout
        if (!verifyCookieState(oLogoutRequestData
                .getSubjectNameIDNameQualifier(), sReceivedSessionIndex, true)) {
            MetaData oMetaData = ResolverClient
                    .getSPMetaData(oLogoutRequestData.getSPXri());
            String sSPLogoutServiceURL = oMetaData.getISLOUrl();
            oLogger.warn("process() : AlreadyLoggedOut=true, LogoutURL=" + sSPLogoutServiceURL);
            return new ActionForward(sSPLogoutServiceURL, true);
        }
        if (!oLoginData.getSessionCookie().equals(sReceivedSessionIndex)) {
            oMessages.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
                    ISSOConstants.ERR_INVALID_REQUEST));
            saveMessages(oRequest, oMessages);
            oLogger.debug("process() : Message : Session Index does not match Session cookie");
            oLogger.debug("process() : Message : Redirecting to SP without logout");
            MetaData oMetaData = ResolverClient
                    .getSPMetaData(oLogoutRequestData.getSPXri());
            return new ActionForward(oMetaData.getISLOUrl(), true);            
        }

        HashMap ohSPData = (HashMap) oRequest.getSession(false).getAttribute(
                ISSOConstants.SESSION_LOGIN_HASH_OBJ);
        SPData oSpData = (SPData) ohSPData.get(oLogoutRequestData.getSPXri());

        oSpData.setSAMLData(oLogoutRequestData);
        oSpData.setRelayState(oRequest
                .getParameter(ISSOClient.PARAM_RELAY_STATE));
        oRequest.setAttribute(ISSOConstants.REQ_PARAM_SPXRI, oLogoutRequestData
                .getSPXri());
        oLogger.info("process() : exit");
        return oMapping.findForward(ISSOConstants.SUCCESS_FWD);
    }
}